Cybersecurity, Cyber, IT, news, computer, security, hacker, whitehat, blackhat, gray hat, education, penetration tester, information security, hacking, video, operating system, OS, google,googledork, VM, online safety, internet security research, article, ethical, elearning, security+, technology, google hacking, windows administrator, tools, free tools, networking resources, SMB,help, cyber-security

Pentesting- General     How-To's       Tools       Scripts       Links     New Interesting Exploit Code

 Interesting Exploits           (Updated as of:  1/16/2017)

Exploit Platform Link
VirtualBox Shared Folder Traversal  (New) Oracle VirtualBox < 5.1.16 code download
Xen Memory_Exch() Guest Breakout  (New) All Xen versions < XSA-29 code download
Joomla Web App SQLi  (New) Joomla Extra Search 2.2.8 code download
macOS HelpViewer XSS Leads to Arbitrary File Execution & Arbitrary File Read   (New) macOS Sierra 10.12.1 (possible others) code download
IBM WebSphere RCE Java Deserialization Vulnerability   (New) IBM WebSphere 7.0 code download
Apache Struts Jakarta Multipart Parser OGNL Injection  (New) Apache Struts 2.3.5-2.3.31 & 2.5-2.5.10 code download
HP Smart Storage Administrator Remote Command Injection HP Smart Storage < v.2.60.18.0 code download
Apache Struts 2 2.3.x / 2.5.x Remote Code Execution Apache Web Servers code download
Microsoft Remote Desktop Client for Mac Remote Code Execution (vid)   Mac RDP Client version 8.0.36 code download
Polycom VVX Web Interface Admin Password Modification Polycom VVX Firemware code download
Win32k.sys Kernel Escalation  Win 7 sp1,8.1, 10 < 14393, 2012 R2 code download
Kernel - Use after Free macOS < 10.12.2 code download
PHPMailer < 5.2.20 Linux versions code download
SAP Information Disclosure  SAP Solman v 7.1 - 7.31 code download
McAfee AV Enterprise for Linux RCE  Linux OS (multiple versions) code download
Cisco UC Mgr Directory Transversal  Cisco UIC Mgr v.7-v9 code download
NtSetWindowLongPtr' Privilege Escalation (MS16-135)  Windows 10 code download
VHDMP Arbitrary Local File Creation Privilege Escalation (MS16-138)  Windows 7-10 code download
Aruba Networks Backdoor AOS version 6.3.1.19 code download
Docker Daemon Local Privilege Escalation Linux Dockers Implementations code download
Apache Tomcat Priv Escalation RHL 6x-8x; CentOS, OracleLinux, Fedora code download
TeamViewer 11 Local Credential Disclosure  Windows 7 (x64) code download 
Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)  Windows Vista, Win7 (x86/x64), Win10(?) code download
Secondary Logon Handle Local Privilege Escalation  Windows 7-10 & 2k8-2k12 (32 & 64 bit) code download
WebDav Local Privilege Escalation MS16-016 Win7 code download
GNU wget RCE w/shadow dump GNU Wget < 1.18 code download
HP Data Protector Command Code Execution HP Data Protector <=  vers: A.09.00 code download
SCADA ETAP v 14.1.0.0 Control Platform Local Privilege Escalation Windows 7 code download
Cisco ASA IKEv1 and IKEv2 Buffer Overflow ASA v 8.x - 9.x code download
Multiple JVC HDRs and Net Cameras RCE and Takeover Multiple models fo JVC HDR & Netcamera's code download
QuickBooks Desktop v 2007 - 2016 Arbitrary SQL Code Execution QB version 2007 - 2016 code download
WebDAV Elevation of Privilege Vulnerability Windows 7 84x code download
Apache Struts Dynamic Method Invocation Remote Code Execution Linux (Apache v. 2.3.20 and 2.3.28) code download
libgd Open-Source Image Library Remote Heap Overflow (CVE-2016-3074) PHP (libgd 2.1.1) code download
Use-After-Free via double-fdput in bpf Error Path Linux Kernel 4.4.x (Ubuntu 16.04) code download
EMC ViPR Storage Resource Mgt tool CRRF Vulnerability EMC ViPR SRM prior to version 3.7 code download
Multi-core Race Condition in Windows allows for PowerShell Local Privilege Escalation Win 7-10 & Svr 2008-2012 code download
Perl EXIM Start_up Privilege Escalation  Exim MTA < 4.86.2 code download
Oracle App Testing Suite Authentication Bypass & File Upload Exploit  Oracle Test Suite 12.4.0.2.0 code download
SNMP Format String Exploit  PHP <= 7.0.4 code download
Dell KACE K1000 Security Appliance File Upload  Kace K1000 code download
Apple Graphics Driver Local Privilege Escalation for OSX 10.11.2  Mac code download
Multiple CCTV-DVR Vendors - Remote Code Execution Linux Embedded code download
Konica Minolta FTP RCE Command Shell  Windows (unspecified) code download
Dell OpenManage Svr Admin 8.2 Directory Traversal  Windows 7 x64 code download
Linux kernel REFCOUNT overflow/Use-After-Free in keyrings  Linux Kernel 3.8> code download
Microsoft WebDav Local Privilege Escalation (Notes say BSOD but script shows shell) Windows 7 SP1 x86 code download
Linux User Namespace OverlayFS Mount Linux Kernel 4.3.2 code download
Windows Local Sandboxed Mount Reparse Point Redux 2 - Bypasses ACL (MS-16-008) Windows 8.1 (Possibly 2012) code download
Fortinet Backdoor Exploit Fortinet Appliances v 4.x - 5.0.7 code download
Konica Minolta FTP Bypass Remote Shell  Windows 7 SP1 code download
What’s Up Gold 16.3 RCE  Windows 7 code download
FireEye Wormable Remote Code Execution in MIP JAR Analysis FireEye Security Appliances code download
ManageEngine Desktop Central 9 File Upload Servlet Connection Id Vulnerability Windows code download
Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132) Windows 7(x86) & MS Office 2010 code download
PFSense  <= 2.2.5 Directory Traversal pfSense Installations < 2.2.5 code download
PhpSocial 2.0.0304_20222226 - CSRF Vulnerability (Privilege Escalation) PHPSocial.net installations code download
FTPShell Client 5.24 - Buffer Overflow; Remote Code Execution Windows 7 SP1 (x86) code download
Microsoft Windows win32k Local Privilege Escalation (MS15-010)   code download
Ubuntu 14.04, 15.10 Local Root Exploit   code download